Bi-directional synchronization issue: Authorization header

Owned by Igor Krasnykh
Last updated: Jan 31, 2020
1 min read

Problem

After installation, you cannot get Salesforce to update any data in Salesforce for any objects or if you are seeing the following issue:

Failed getting a request token. HTTP Code = 400. Message: Bad Request. Response Body: oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key

Pre-Condition

You've confirmed the following

  • When updating a record in Salesforce, it is successfully added to the Magento Queue
  • Magento Queue is automatically being processed and you can see status of records being changed
  • All records have "Success" message before they are removed from the Queue
  • You see the following error in salesforce logs sf-trace-0.0.log file
2015-10-22T19:18:08+00:00 DEBUG (7): ========== Sync from Salesforce Start ==========
2015-10-22T19:18:08+00:00 DEBUG (7): ERROR: Authentication failed!
2015-10-22T19:18:08+00:00 DEBUG (7): ERROR: Authorization invalid, possible attack!

Solution

You server might be stripping out "Authorization" header from the request. You need to make sure Authorization header is not stripped out from the HTTPS request

Apache Configuration File (Example)

....

# For ELB SSL offloading

SetEnvIf X-Forwarded-Proto https HTTPS=on

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

ProxyPassMatch ....

Make sure the "Authorization" line is above the ProxyPassMatch for fcgi